The document discusses various approaches for authenticating users, beyond passwords. It describes some of the limitations of passwords, as well as other single-factor authentication methods like biometrics. Multi-factor authentication is proposed, with passwords as the second factor and behavioral biometrics as the first factor. Behavioral biometrics could include factors like typing patterns, application usage, search and browsing behavior, location data, and interactions with other devices. The document also discusses the need for specialized hardware to securely analyze and store behavioral data for authentication purposes. Overall, the document analyzes different authentication methods and argues that multi-factor authentication combining passwords and behavioral biometrics analyzed by dedicated hardware could help address limitations with passwords.
HCI 2018 (9/10) Affective Factors. From Emotion to Persuasive Technologies - Sabin Buraga
A lecture delivered for Human-Computer Interaction, a post-graduate level discipline taught by Dr. Sabin Buraga at Faculty of Computer Science, Alexandru Ioan Cuza University of Iasi, Romania.
Visit also https://profs.info.uaic.ro/~busaco/teach/courses/hci/hci-film.html
Face Recognition for Personal Photos using Online Social Network Context and ... - Wesley De Neve
Thanks to easy-to-use multimedia devices and cheap storage and bandwidth, present-day social media applications host staggering numbers of personal photos. As the number of personal photos shared on social media applications continues to accelerate, the problem of organizing and retrieving relevant photos becomes more apparent for consumers. Automatic face recognition assists in bringing order to collections of personal photos. However, personal photos pose a plethora of challenges for automatic face recognition. Face images may widely differ in terms of lighting, expressions, and pose. As a result, the accuracy of appearance-based techniques for automatic face recognition in collections of personal photos cannot be considered satisfactory.
This talk aims at providing insight into timely developments in the area of socially-aware face recognition. We first discuss how online social network context can be used to substantially improve the effectiveness of appearance-based techniques for automatic face recognition, as recently demonstrated by researchers of Harvard University. Next, we pay attention to collaborative face recognition in decentralized online social networks, as studied at KAIST. For both of the aforementioned topics, we present experimental results obtained for real-world collections of personal photos, contributed by volunteers who are members of online social networks such as Facebook and Cyworld. Finally, we conclude our talk with an outline of future applications of socially-aware face recognition, including augmented identity and socially-aware robots.
Consumers' private info and privacy are being violated without their consent or knowledge. This is context for the series of privacy forward services that consumers may choose to use to protect themselves -- because no one else will (protect them).
What's New in IdP 9.0 Behavioral Biometrics and more… - SecureAuth
We are proud to announce our latest version of SecureAuth™ IdP v9.0. This release marks a milestone in technology advancement for access control and authentication security with the introduction of behavioral biometrics. This groundbreaking new risk analysis technology makes an organization even more secure while improving user experience. The technology performs keystroke and mouse movement analysis to determine a user’s legitimacy without the user noticing, if they don’t match – SecureAuth IdP v9.0 can require multi-factor authentication (MFA) for that login to proceed. SecureAuth is the first identity management vendor to offer this capability as part of a comprehensive risk-based authentication process.
Key technologies for digital transformation in companies - Qindel Group
Content of the presentation given at the Galicia TIC 2016 event, about the technologies that have facilitated digital transformation in companies.
Topan s.r.l. – an Italian company specializing in the production of fresh and frozen products with high added value.
For more information, contact us: sales@topan.it - www.topan.it
Database testing of a command line application world’s largest enterprise software company, with 110% productivity in functional testing and 96% productivity in performance testing.
Young people's everyday media life is increasingly diverse, and media content is a building block in young people's identity formation.
But what about media criticism - is it there when fake news, manipulated images and undated video clips come knocking? And how can we who work with young people support them in discovering the fun in thinking critically about media?
Lecture by Isabella Holm at NUORI2017, 28.3.2017.
Mobile User Authentication Based On User Behavioral Pattern (MOUBE) - CSCJournals
Smart devices are equipped with multiple authentication techniques and still remain prone to
attacks since all of these techniques require explicit user intervention. The purpose of this paper
is to capture the user behavior in order to use it as an implicit authentication technique.
In this paper, we introduce a novel authentication model to be used complementary to the
existing models; Particularly, the context of the user, the duration of usage of each application
and the occurrence time were examined and modeled using the cubic spline function as an
authentication technique. A software system composed of two software components has been
implemented on Android platform. Preliminary results show a 76% accuracy rate in determining
the rightful owner of the device.
Behavioural biometrics and cognitive security authentication comparison study - acijjournal
Behavioural biometrics is a scientific study with the primary purpose of identifying the authenticity of a user based on the way they interact with an authentication mechanism. While Association based password authentication is a cognitive model of authentication system. The work done shows the implementation of Keyboard Latency technique for Authentication, implementation of Association Based Password authentication and comparison among two. There are several forms of behavioural biometrics such as voice analysis, signature verification, and keystroke dynamics. In this study, evidence is presented indicating that keystroke dynamics is a viable method not only for user verification, but also for identification as well. The work presented in this model borrows ideas from the bioinformatics literature such as position specific scoring matrices (motifs) and multiple sequence alignments to provide a novel approach to user verification and identification within the context of a keystroke dynamics based user authentication system. Similarly Cognitive approach can be defined in many ways of which one is association based Technique for authentication
Scale Invariant Feature Transform Based Face Recognition from a Single Sample... - ijceronline
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
Dynamic Behavior System works on the principle of dynamic motion which is captured when the individual walks, sits or performs a certain action.
Like bio-metric properties used, the motion and behavior of an individual is said to be unique by medical study on behavioral science of humans.
Proactive Displays: Bridging the Gaps between Online Social Networks and Shar... - Joe McCarthy
Presentation by Joe McCarthy on February 13, 2008, to the Social Networks class (TCSS 590, http://courses.washington.edu/amtgrade/courses/socialnets/Home.html) at the University of Washington, Tacoma, taught by Ankur Teredesai.
Recognizing the fact usernames passwords are the weakest link in an.docx - danas19
Recognizing the fact usernames passwords are the weakest link in an organization’s security system because username and password are shareable, and most passwords and usernames are vulnerable and ready to be cracked with a variety of methods using adopting a record number of devices and platforms connected to the Internet of Things daily and at an alarming rate.
Provide the all-inclusive and systematic narratives of the impact of physical biometric operations on the current and future generation.
An Integrated Approach of Physical Biometric Authentication System
Objective
Per Fennelly (2017), every human being is created differently with physical and behavioral traits that are unique; and everyone’s fingerprints, iris, facial feature and body types are entirely different from one another. The effective and efficient use of biometric technology will play a key role in automating a new method of identifying living person based on individual physiological and behavioral characteristics. Protecting sensitive information from vulnerable access by unauthorized users is paramount in our digital world and attempting to identify and mitigating such operation is becoming very challenging and troubling to the entire human society.
Biometric authentication-based identity is playing a vital role in security operations. Traditional authentication approach used to identity logon, logout, username, passwords are no longer enough to battle the identity and security crisis. Physical Biometric processes often allow the authentication of an individual personal data to be stored in a document format for future references. The comparison is often used to determine whether the biometric characteristics of individual match the previously information recorded in the document. Physical biometric systems have proven to be very effective in verification and identification processes.
Physical biometric identification and recognition processes are classified in three groupings including acquisition, feature extraction and comparison. Traditionally, biometric characteristics are acquired through measurements, such as a camera, microphone, fingerprint scanner, gathering of specific characteristics and creation of digital representation, photograph, a voice recording and scanned fingerprint. Most naturally significant areas supporting physical biometric process include corners of the eyes, mouth, nose, chin and likely to be identified by human inspection and through an automated biometric process.
Biometric Access Control is a security system used to provides conditional access after scanning for unique physical characteristics including installing Biometric Access at ATM’s and other public facilities to safeguard financial data. Indeed, when faces, fingers, irises and veins are scanned such data are converted into digital format and a complex algorithm is used to make a match. Such physical biometric processes .
A Smart Receptionist Implementing Facial Recognition and Voice Interaction - CSCJournals
The purpose of this research is to implement a smart receptionist system with facial recognition and voice interaction using deep learning. The facial recognition component is implemented using real time image processing techniques, and it can be used to learn new faces as well as detect and recognize existing faces. The first time a customer uses this system, it will take the person’s facial data to create a unique user facial model, and this model will be triggered if the person comes the second time. The recognition is done in real time and after which voice interaction will be applied. Voice interaction is used to provide a life-like human communication and improve user experience. Our proposed smart receptionist system could be integrated into the self check-in kiosks deployed in hospitals or smart buildings to streamline the user recognition process and provide customized user interactions. This system could also be used in smart home environment where smart cameras have been deployed and voice assistants are in place.
3. A password is a single-factor
authentication factor that creates an
“assurance” that an individual is who
they say they are.
Passwords are doomed, and hated,
and unnecessarily difficult, and
perhaps irreplaceable.
4. The password is a miserable authenticator
if it’s complex enough, it’s too hard to
remember
if it’s simple enough, bad guys will guess it
can’t re-use them
can’t write them down
the places they are used often have
surveillance systems & people with recording
devices
bad guys steal huge batches of them (sort of)
disconnect between cost and true necessity
5. Unfortunately, no one is going to give up using
passwords. It’s all they know.
They’ve spent their lifetimes naming their pets
accordingly.
Something must be done to
SAVE the PASSWORD.
8. life experience passwords
graphical password
drawn passwords / signatures
uSig (know the pic/have the gizmo)
questions
gestures
multi-touch gestures
tokens (have the gizmo)
e-signature (requires “device”)
9. Not a single scheme is dominant over passwords, i.e., does
better on one or more benefits and does at least as well on
all others. Almost all schemes do better than passwords in
some criteria…
Thus, the current state of the world is a Pareto equilibrium.
Replacing passwords with any of the schemes examined is
not a question of giving up an inferior technology for
something unarguably better, but of giving up one set of
compromises and trade-offs in exchange for another.
The Quest to Replace
Passwords: A Framework
for Comparative
Evaluation of Web
Authentication Schemes
Joseph Bonneau University
of Cambridge / Cormac
Herley Microsoft Research /
Paul C. van Oorschot
Carleton University / Frank
Stajano University of
Cambridge
10. iris
retina
fingerprint
heart rate
face
ear geometry
hand geometry
palm vein pattern
thermal signature
odor
bioimpedance
+
11. Physical Biometrics is a miserable authenticator
people don’t want to give them up
once it’s in the wild, it’s gone
actual features identify a person, but does the
digital representation adequately represent the
actual feature
vulnerable – replay attacks+
16. burstiness
length of session
average time on a page
time between revisits
genre (diffbot.com)
User Authentication
from Web Browsing
Behavior
Myriam Abramson
Naval Research
Laboratory / David W.
Aha Naval Research
Laboratory
17. Behavioral Biometrics may be better
transparent to users
can be used continuously
but
requires privacy and security by design
adequate processing for adequately complex
analysis is not yet available
requires authentication unit / chip
18. For regular smartphone users, aggregating behavior information
will be adequate to verify identity.
Our phones could “know who we are”, if we taught them to “look at
our behavior”.
Rather than replacing passwords, which still have some security
purposes, as well as a psychological/cultural value, in the future
we could consider passwords to be the 2nd Factor – and behavioral
biometrics to be the 1st Factor.
(mention the two Bs and EU Data Protection here)
19. a theoretical app used to brainstorm about facets of
human/phone interaction and convergence
(or a real app if someone wants to develop it)
20. language (abbreviations, case usage, grammar,
word omissions, slang, emoticons + )
keyboarding (use of autocomplete + )
errors and error correction
(backspace/autocorrect)
locations / travel
app usage
gaming and in-game behavior
search behavior
phone positioning
unlock behavior
“telephone” usage
(Bluetooth/speaker/handheld)
financial transactions
The role of VARIATION:
The extent to which each facet
VARIES in similar and different
contexts and assessed against
other facets, is itself an essential
facet.
21. The elements of the outside world that interact with
you converge on only one person.*
The way they contact you and the way you respond
is an authentication factor. For today, we will call it
“convergence”.
The measurable facets of “convergence” include:
how (text, email, app)
when
where
extent (“length of interaction”)
response time
* of course, there are exceptions
“Outbound interactions” are a
behavioral biometric. “Inbound
interactions” are not. The
combination of the two can be used
as an authentication factor.
22. The theoretical “am I me” app makes a go/no-go decision regarding allowing
password submission.
The in-phone process creates “virtual images” that represent the person's range of
behaviors and connections (who/how+). The images are generated over time via
fly-by. Variability is critical; contrary to instinct, it is an identifying feature.
The "images" (akin to perceptual hashes) are the only aggregation point. The data
does not exist as a single unit except as represented in the image.
The images are stored in the app server. Then the current/recent "image" is
verified to the server images using complicated math. Based on the result, the
phone attests (or doesn’t attest) to the user, and a password can be submitted.
(In-phone verification is "possible" but seems (perhaps impossibly) more
vulnerable.)
25. RE THE NEED FOR AN AUTHENTICATION PROCESSING UNIT
The challenge lies in assuring the security of the completed system
and for this, experience shows that general-purpose computing
systems cannot be made secure enough to resist compromise by a
determined adversary.
Historically, special-purpose computing needs have resulted in the
development of dedicated, special-purpose computing hardware.
Early in the history of computing, the Arithmetic Logic Unit (ALU)
was developed to augment the numerical processing capabilities of
more limited general-purpose CPUs. Likewise, Graphics Processing
Units (GPUs) were developed to provide high-performance graphics
handling. Similarly, designing and implementing a hardware
“Authentication Processing Unit” (APU) implementing the principles
of authentication outlined above would be an expected outcome of
such consideration.
Principles of
Authentication
Ed Talbot UC Davis /
Sean Peisert UC Davis
and Berkeley Lab /
Matt Bishop UC Davis
(SOUPS 2014)
26. Core Characteristics for Evaluating
Authenticators
Bruce K. Marshall PasswordResearch.com
Alternatives to passwords: Replacing the ubiquitous
authenticator
Ron Condon in Computer Weekly
Principles of Authentication
Ed Talbot UC Davis / Sean Peisert UC Davis and Berkeley
Lab / Matt Bishop UC Davis (SOUPS 2014)
Who You Are by way of What You Are:
Behavioral Biometric Approaches to Authentication
Michael Karlesky, Napa Sae-Bae, Katherine Isbister, Nasir
Memon NYU Polytechnic School of Engineering (SOUPS 2014)
User Authentication from Web Browsing Behavior
Myriam Abramson Naval Research Laboratory / David W.
Aha Naval Research Laboratory
The Quest to Replace Passwords: A Framework for
Comparative Evaluation of Web Authentication Schemes
Joseph Bonneau University of Cambridge / Cormac Herley
Microsoft Research / Paul C. van Oorschot Carleton
University / Frank Stajano University of Cambridge
DARPA Active Authentication
Website:
27. Abraham Aha
The authentication problem has been addressed in the context of masquerade detection in computer security by modeling user command line sequences
(Schonlau et al. 2001). In the masquerade detection problem, the task is to positively identify masqueraders but not to positively identify a particular user. Recent
experiments modeling user issued OS commands as bag-of-words without timing information have obtained a 72.7% true positive rate and a 6.3% false positive
rate (Salem and Stolfo 2010) on a set of 15000
commands for 70 users grouped in sets of 100 commands.
In that work, a one-class support vector machine (SVM) (Schölkopf et al. 2000) was shown to produce better performance results than threshold-based
comparison with a distance
metric. We extend the results of this work to features of Web browsing behavior individually and in combination with an ensemble.
LATER
The goal of this study is to verify the claim that users can be authenticated from their Web browsing behavior. All experiments
were conducted in the Weka machine learning workbench (Hall et al. 2009) augmented by our own ensemble algorithms.
We extracted the features of Web browsing behavior described above from each user session and aggregated them into one feature vector. A user’s dataset
consisted of all sessions collected for that user. For each user, we compared the false rejection rate (FRR) (i.e., false negative rate) and the false acceptance rate
(FAR) (i.e., false positive rate) for classifiers derived from each feature set and an ensemble classifier composed of classifiers based on a weighted random
sample of those features. FRR results were obtained using cross-validation on the user’s dataset while FAR results were obtained by applying the classifier
obtained on a dataset containing the data of all the other users.
LATER
One-class classification is pertinent in the context of classification with only positive examples where negative examples are hard to come by or do not fit into a
unique category. Some applications for one-class classification include anomaly detection, fraud detection, outlier detection, authorship verification and document
classification where categories are learned individually. The goal of one-class classification is to detect all classes that differ from the target class without knowing
them in advance. One-class classification is similar to unsupervised learning but tries to solve a discriminative problem (i.e., self or not self) rather than a
generative problem as in clustering algorithms or density estimation.
Several algorithms have been modified to perform one-class classification. We used a one-class SVM available with LibSVM (Schölkopf et al. 2000) as part of the
Weka machine learning toolbench. SVMs are large-margin classifiers that map feature vectors to a higher dimensional space using kernels based on similarity
metrics. The optimization objective in SVMs is to find a linear separating hyperplane with maximum margin between class boundaries.
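The evaluation protocol described above, as an added example that is not part of the deck or of the cited paper: a one-class profile is trained only on the target user's sessions, FRR is measured by cross-validation on that user's data, and FAR by applying the profile to other users' sessions. It uses the threshold-on-distance baseline mentioned above instead of a one-class SVM so that it runs on the standard library alone; the session values, the three users and the 95% threshold quantile are constructed assumptions.

```python
import math
import random
import statistics

# Feature order per session (names follow the browsing-behaviour slide):
# burstiness, session length (min), average time on a page (s),
# time between revisits (h). All values below are constructed.


def make_sessions(rng, means, spreads, count):
    """Constructed data: draw `count` sessions from per-feature Gaussians."""
    return [[rng.gauss(m, s) for m, s in zip(means, spreads)]
            for _ in range(count)]


class OneClassProfile:
    """Self / not-self model built from positive examples only."""

    def __init__(self, sessions, quantile=0.95):
        columns = list(zip(*sessions))
        self.mean = [statistics.fmean(c) for c in columns]
        # The user's own variability scales each feature.
        self.std = [statistics.stdev(c) or 1e-9 for c in columns]
        scores = sorted(self.score(s) for s in sessions)
        # Threshold = distance that covers `quantile` of the training sessions.
        index = min(len(scores) - 1, int(quantile * len(scores)))
        self.threshold = scores[index]

    def score(self, session):
        """Standardized Euclidean distance from the user's mean session."""
        return math.sqrt(sum(((x - m) / s) ** 2
                             for x, m, s in zip(session, self.mean, self.std)))

    def accepts(self, session):
        return self.score(session) <= self.threshold


def frr_cross_validated(sessions, folds=5):
    """False rejection rate: genuine sessions rejected when held out."""
    rejected = 0
    for k in range(folds):
        held_out = sessions[k::folds]
        training = [s for i, s in enumerate(sessions) if i % folds != k]
        profile = OneClassProfile(training)
        rejected += sum(not profile.accepts(s) for s in held_out)
    return rejected / len(sessions)


def far_against(sessions, impostor_sessions):
    """False acceptance rate: other users' sessions accepted by the profile."""
    profile = OneClassProfile(sessions)
    accepted = sum(profile.accepts(s) for s in impostor_sessions)
    return accepted / len(impostor_sessions)


def evaluate(seed=7):
    """Run the protocol on three constructed users and return the rates."""
    rng = random.Random(seed)
    spreads = (0.05, 3.0, 8.0, 2.0)
    owner = make_sessions(rng, (0.30, 12.0, 40.0, 6.0), spreads, 60)
    # A user whose habits overlap with the owner's, and one who differs clearly.
    similar = make_sessions(rng, (0.33, 14.0, 38.0, 7.0), spreads, 40)
    distinct = make_sessions(rng, (0.70, 45.0, 15.0, 30.0),
                             (0.08, 6.0, 4.0, 5.0), 40)
    return {
        "frr": frr_cross_validated(owner),
        "far_similar_user": far_against(owner, similar),
        "far_distinct_user": far_against(owner, distinct),
    }


if __name__ == "__main__":
    for name, rate in evaluate().items():
        print(f"{name}: {rate:.3f}")
```

Raising the threshold quantile lowers FRR at the cost of a higher FAR for users whose behaviour overlaps with the owner's.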
28. Attacks
Masquerade attacks
Linkage attacks – like a database join
Graphical passwords – pattern based attacks
29. Abraham/Aha
Attribution is broadly defined as the assignment of an effect to a cause. We differentiate
between authentication and identification as two techniques for attribution of identity.
Authentication is defined as the verification of claimed identification (Jain, Bolle, and
Pankanti 1999). Their distinction is subtle in the sense that authentication is usually
obtained through identification. Likewise, identification can be obtained from
authentication attempts of each user in turn.
Identification involves recognition as a one-to-many matching problem while
authentication is a one-to-one matching problem. This paper focuses on the
authentication problem.
User syntactic patterns
Power Law distribution
30. Passwords lack integrity based on...
how difficult they are to guess, forge, or steal
or inadvertently reveal
or give away
or USE without the individual’s willing participation
31. Wikipedia says there are “Three categories of
authentication factors”
Knowledge – things the user knows (passwords)
Possession – things the user has (card)
Inherence - things the user is (biometrics)
- physical biometrics
- behavioral biometrics
There’s at least one more. There’s “convergence”
which is the interactions of the outside world with
you.